The following Fedora EPEL 6 Security updates need testing:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-1af9888c22
golang-1.15-1.el6
2
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-972f57ea6d
drupal7-7.72-1.el6
The following builds have been pushed to Fedora EPEL 6 updates-testing
mbedtls-2.7.17-1.el6
php-phpseclib-2.0.29-1.el6
Details about builds:
================================================================================
mbedtls-2.7.17-1.el6 (FEDORA-EPEL-2020-b425525e83)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 2.7.17
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 8 2020 Morten Stevens <mstevens(a)fedoraproject.org> - 2.7.17-1
- Update to 2.7.17
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1875047 - CVE-2020-16150 mbedtls: local side channel attack on classical CBC
decryption in (D)TLS
https://bugzilla.redhat.com/show_bug.cgi?id=1875047
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-2.0.29-1.el6 (FEDORA-EPEL-2020-8a6e53864f)
PHP Secure Communications Library
--------------------------------------------------------------------------------
Update Information:
**Version 2.0.29** - 2020-09-07 - SFTP: add enableDatePreservation() /
disableDatePreservation() (#1496) - SFTP: uploads on low speed networks could
get in infinite loop (#1507) - SSH2: when building algo list look at if crypto
engine is set (#1500) - X509: really looong base64 encoded strings broke
extractBER() (#1486)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 8 2020 Remi Collet <remi(a)remirepo.net> - 2.0.29-1
- update to 2.0.29
--------------------------------------------------------------------------------